
During the last 5 years since our official launch we have helped parents and organizations in over 240 countries across the world improve the way they supervise their connected devices.

We’d like to thank you for placing your trust in us, and for understanding the value proposition that makes Qustodio so unique. It’s people like our longest running active subscriber, a Canadian, who first signed up for Qustodio back in October 2011, and our first ever paying customer, a Minnesotan, who signed up in November 2012, that have made us the most popular brand in the space.

Interest over time according to Google Trends

We want to thank all our current and past users, subscribers, customers, employees, partners and collaborators for being part of our success.

You chose to install the Windows operating system on your computer or, for various technical reasons, you had to reinstall it. Whatever your reasons, it’s important to put several security layers in place after this procedure, so your computer is safe from threats.

How to secure your PC after a fresh Windows installation

After finishing the Windows installation, whether it’s Windows 7, 10 or another operating system, we encourage you to follow these security measures below to enhance protection:

1. Keep your Windows operating system up to date

Probably the most important step is to check for the latest security updates and patches available for your Windows operating system.

To get the security updates automatically, go to “Control Panel” and check if your automatic updating system is enabled or follow these steps:

Click on Automatically download updates in case it is not already selected/turned on.

After checking for available updates for your Windows operating system, keep the automatic update turned on in order to download and install the important updates that can help protect your PC against new viruses or next-generation malware.

Always remember to keep your OS up to date with the latest security updates available. Software patching remains essential to improving online safety, and security experts make a good case for emphasizing its importance. Cybercriminals still try to benefit from security holes found in users’ systems and PCs. That’s one of the reasons why cyber attacks still work and why attackers make a lot of money from them.

2. Update your software

You don’t have to update only the Windows operating system, but your software as well. Therefore, make sure all the latest updates and security patches for your main programs and apps are installed.

Needless to say, the most popular pieces of software (such as Java, Adobe Flash, Adobe Shockwave, Adobe Acrobat Reader), especially outdated versions, are always under threat from malicious actors who exploit them to get easier access to your sensitive data.

Since these pieces of software are always under threat from criminal minds, don’t just rely on your memory to manually update every program or application you have installed.

3. Create a restore point

If you have already installed the security updates for Windows, the next recommended step is to create a restore point in Windows.

You can do this by clicking on the Start button, then select Control Panel -> System and Maintenance (or System and Security) -> System. Then select System protection and click the Create button.

After installing Windows, you can create the Restore Point and name it Clean installation, and continue installing drivers and applications.

If one of the drivers causes issues on the system, you can always go back to the Clean installation restore point.

4. Install a traditional antivirus product

When you consider installing an antivirus program on your PC, make sure you use one from a legitimate company, because there can be fake software programs out there. It is important to have a reliable security solution on your system, which should include real-time scanning, automatic update, and a firewall.

To find the best antivirus that suits your needs, read this ultimate guide that will teach you more about antivirus software, its main features and what you should look for.

If you choose to install a security product that doesn’t have a firewall, make sure you have turned on the Windows firewall.

To turn it on, go to Control Panel, select System and Security, then Windows Defender Firewall and turn it on or off.

5. Install a proactive security solution for multi-layered protection

On our blog, we explained on many occasions why traditional antivirus is no longer the go-to solution, simply because it cannot keep up with the rise of new and advanced online threats. Financial malware especially is created to steal sensitive data and confidential information and it uses sophisticated methods to do so.

Next-gen malware usually has the ability to evade detection and bypass antivirus software that users have installed on their PCs to keep their data safe. We recommend reading these 12 examples of spam campaigns behind the scenes indicating a low detection rate for AV engines during the first stages of a cyber attack.

With the help of a proactive cybersecurity solution, you get the best protection against financial and data-stealing malware, such as Zeus or Cryptolocker.

6. Back up your system

You updated the operating system and your system applications, you installed additional security products to keep your system safe, and you even created a Clean installation restore point for your Windows.

The steps above are meant to keep you safe from malicious software and online threats, but you may still encounter hardware issues that could endanger your private information.

To make sure your data stays safe, you should be using a twofold strategy, which should include combining an external hard drive usage with an online backup service.

We need to emphasize the importance of having a backup solution which provides stability (look for a big company name), is easy to use (so you won’t have a headache backing up your files), allows you to synchronize your files with the online backup servers and provides some sort of security, such as encryption capabilities.

At the same time, you could simply use your Windows Backup system. To set it up, access your Windows Control Panel and then click Backup and Restore to access the location. From this place, you can set an automatic backup, create a schedule and even choose a network location for your backup files.

7. Use a standard user account

Windows provides a certain level of rights and privileges depending on what kind of user account you have. You may use a standard user account or an administrator user account.

To secure your PC, it is recommended to have a standard account to prevent users from making changes that affect everyone who uses the computer, such as deleting important Windows files necessary for the system.

With a Standard user account, you have limited rights and cannot do things like changing system settings, or installing new software apps, hardware or changing the username and passwords. Here’s why you should use an account like this one and how to create it.

If you want to install an application or make security changes, remember that you will need an administrator account.

We also recommend that you set a strong password for your Windows user account.

Use this security guide that will help you set unique and strong passwords and manage them like an expert.

Top Security Tip:

Using a standard account ensures that a piece of malware which infects a limited-user account won’t do as much damage as one infecting an administrator account.

8. Keep your User Account Control enabled

User Account Control (UAC) is an essential security feature of Windows that prevents unauthorized changes to the operating system. Many users have the tendency to disable it after installing/reinstalling the Windows operating system.

We don’t recommend turning it off. Instead of disabling the UAC, you can decrease the intensity level using a slider in the Control Panel.

UAC monitors what changes are going to be made to your computer. When important changes appear, such as installing a program or removing an application, the UAC pops up asking for an administrator-level permission.

In case your user account is infected with malware, UAC helps you by keeping suspicious programs and activities from making changes to the system.

9. Secure your web browser before going online

Here’s another thing to do after installing Windows: pay attention to browser security. Since our web browser is the main tool used to access the Internet, it is important to keep it safe before going online.

10. Use an encryption software tool for your hard drive

Even if you set a password to your Windows account, malicious actors can still get unauthorized access to your private files and documents. They can do this by simply booting into their own operating system – Linux, for example – from a special disc or USB flash drive.

A solution for this case is to encrypt your hard drive and protect all your sensitive files. It is recommended to use this level of security if you have a laptop, which can be very easily stolen. The same thing applies to a computer.

A free encryption tool you can use is BitLocker, which is available on the latest Windows operating systems and you can enable it at any moment. Even after you have enabled the BitLocker protection, you won’t notice any difference because you don’t have to insert anything else but your normal Windows user account password. The benefits of using this encryption tool:

It’s also a great encryption tool to have if you happen to lose your PC/laptop or it gets stolen.

Easy to use and already integrated into your Windows OS, so there’s no need to add another encryption software.

If you’d rather use another solution, here’s a full list of encryption software tools you can choose to protect your data.
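The settings from steps 1, 3, 4, 7, 8 and 10 can also be checked from a PowerShell prompt instead of clicking through Control Panel. The script below is an added example, not part of the original article; it assumes Windows PowerShell 5.1 on Windows 10, and the `Test-Setting` helper and the layout of its results are made up for illustration.

```powershell
# Read-only audit of the checklist settings; nothing on the system is changed.
# Assumes Windows PowerShell 5.1 on Windows 10. A check that needs elevation
# or a missing module reports "not checked" instead of stopping the script.
$ErrorActionPreference = 'Stop'

function Test-Setting {   # hypothetical helper: runs one probe, returns one row
    param([int]$Step, [string]$Check, [scriptblock]$Probe)
    try   { $ok, $detail = & $Probe }
    catch { $ok = $null; $detail = "not checked: $($_.Exception.Message)" }
    [pscustomobject]@{ Step = $Step; Check = $Check; Ok = $ok; Detail = $detail }
}

$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$auKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'

$report = @(
    Test-Setting 1 'Automatic updates on' {
        $svc = Get-Service -Name wuauserv
        $pol = Get-ItemProperty -Path $auKey -Name NoAutoUpdate -ErrorAction SilentlyContinue
        # NoAutoUpdate=1 is the policy value that switches automatic updating off.
        ($svc.StartType -ne 'Disabled' -and $pol.NoAutoUpdate -ne 1)
        "wuauserv=$($svc.StartType); NoAutoUpdate=$($pol.NoAutoUpdate)"
    }
    Test-Setting 3 "Restore point 'Clean installation'" {
        $rp = @(Get-ComputerRestorePoint)
        ($rp.Description -contains 'Clean installation')
        "restore points found: $($rp.Count)"
    }
    Test-Setting 4 'Firewall on for every profile' {
        $off = @(Get-NetFirewallProfile | Where-Object { "$($_.Enabled)" -ne 'True' })
        ($off.Count -eq 0)
        "profiles off: $($off.Name -join ', ')"
    }
    Test-Setting 4 'Antivirus registered' {
        $av = @(Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct)
        ($av.Count -gt 0)
        "products: $($av.displayName -join ', ')"
    }
    Test-Setting 7 'Current account is a standard user' {
        $me = [Security.Principal.WindowsIdentity]::GetCurrent()
        # Direct members of BUILTIN\Administrators (well-known SID S-1-5-32-544).
        $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544')
        ($admins.SID.Value -notcontains $me.User.Value)
        "$($me.Name); administrators: $($admins.Name -join ', ')"
    }
    Test-Setting 8 'UAC on and prompting' {
        $uac = Get-ItemProperty -Path $uacKey
        # EnableLUA=0 turns UAC off; ConsentPromptBehaviorAdmin=0 elevates silently.
        ($uac.EnableLUA -eq 1 -and $uac.ConsentPromptBehaviorAdmin -ne 0)
        "EnableLUA=$($uac.EnableLUA); ConsentPromptBehaviorAdmin=$($uac.ConsentPromptBehaviorAdmin)"
    }
    Test-Setting 10 'BitLocker protects the system drive' {
        $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
        ("$($vol.ProtectionStatus)" -eq 'On')
        "VolumeStatus=$($vol.VolumeStatus); ProtectionStatus=$($vol.ProtectionStatus)"
    }
)
$report | Format-Table -AutoSize -Wrap
```

Run it from the account you use every day so the step 7 row describes that account, then again from an elevated prompt for any rows that came back as "not checked".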

11. Be careful online and don’t click on suspicious links

To make sure you won’t be infected by clicking on dangerous links, hover the mouse over the link to see if you are directed to a legitimate location. If you were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates “hfieo88.net“, then you probably shouldn’t access it. Chances are you’ll be infected with malware and cybercriminals will steal your sensitive data.

It’s worth trying shortening services, such as goo.gl or tinyurl. But in some cases, an unknown link may send you to a malicious site that can install malware on the system.

So, how can you know where you’ll arrive if you click it?

To make sure you are going in the right direction, use a free tool such as Redirect Detective that will allow you to see the complete path of a redirected link. Another tool which can prove very helpful in checking suspicious links is the reliable URL checker, VirusTotal.

What does work look like today - and what are the security risks? That's the question we wanted to answer when our Duo Labs research & development team dove into our vast amount of data to analyze user behavior and device health, resulting in our latest report, The 2018 Duo Trusted Access Report: The State of Enterprise Remote Access.

About 11 million users completed nearly half a billion authentications per month, using 10.7 million devices to securely log into 800,000 enterprise applications and services.

2018 TAR Methodology

When it comes to remote access, users are increasingly logging into work applications from non-office networks. This is unsurprising, given the global trend toward a more distributed workforce.

In Gallup's poll, State of the American Workplace,* 43 percent of employed Americans spent at least some time working remotely in 2016, a four percent increase since 2012. Plus, these employees are working remotely for longer periods of time - the share that reported working remotely at least four or five days a week rose to 31 percent from 24 percent.

A Harvard Business Review article found that productivity increased when employees worked from home, attributing a third of the reason for higher productivity to working from a quieter environment; citing offices as extremely distracting places. The other two-thirds was attributed to working longer hours due to working from a more comfortable environment.

Remote work is up - whether it’s working from home or potentially other places, like coffee shops, airports, hotel rooms, planes, trains, etc. And that means your users need to be able to access work resources remotely to do their jobs - luckily, the cloud-centric model of applications means they can log in wherever they have a web browser and internet.

With that convenience comes potential risks that anyone can remotely access your company’s applications and data, if they’re able to steal or guess a user’s password (and if your systems aren’t protected by multi-factor authentication).

And this can be easily achieved via phishing attempts - the second part of user behavior that Duo Labs uncovered by analyzing 7,483 phishing simulation campaigns conducted from mid 2017 to April 2018 on more than 230,000 recipients via the Duo Admin Panel and free Duo Insight tool.

Check out the full report to find out how many people, on average, opened, clicked on links, entered credentials, or had out-of-date devices in the phishing simulations. Plus, find out how many people work from several different networks a week, and the latest per-industry trends around remote access.

Device Health

Our data shows that macOS/iOS devices are trending upwards, as Windows declines slightly - but the good news is, more devices than ever are finally running Windows 10, the latest version of the Microsoft operating system (OS). The full report has metrics on these trends, as well as which industries are the quickest at adopting Windows 10, and which ones are the slowest to make the leap.

Unfortunately, although the situation is improving, a hefty percentage of enterprise devices are still running Windows 7, originally released in 2009. Almost all WannaCry victims were running Windows 7 - roughly 98 percent were running some version of the OS, according to data from Kaspersky Lab.

The WannaCry ransomware epidemic that hit the globe in May of last year moved like a worm, quickly spreading across computer networks, encrypting files, denying access, demanding ransom for decryption, and generally wreaking havoc on major healthcare systems, gas and electric companies, telecom businesses and many others.

Not to be overly dramatic or anything, but the ransomware did put the lives and health of people at risk - all because it was able to infect and cripple computer systems running on an out-of-date version of OS. More specifically, the ransomware was spread via a vulnerability that affects the Windows implementation of the Server Message Block (SMB) protocol found in many older versions of Windows. The critical patch for this vulnerability was released in March 2017, meaning many systems were unpatched at the time of the attack.

Check out the full report for even more statistics on Android patching, which browser is most out of date, how many browsers still have Flash installed, and much more.

Zero-Trust Security

Given all of the risks that phishing and malware present to remote access to applications used in the enterprise, the industry is seeing a shift to identity-based controls that verify both the identity of a user and security health of their device.

Known as a zero-trust security model, this framework assures no traffic within an enterprise's network is any more trustworthy than traffic coming from outside the network.

The first steps toward this model include establishing trust in your users’ identities with two-factor authentication, and gaining visibility and trust in their devices. The report lists out each step of the zero-trust maturity model with more information about each.

2018 TAR Summary and Duo Beyond

Incidentally, Duo Beyond does just this, helping organizations of all sizes secure access to all applications, for any user, from any device, and from anywhere. Learn more about Duo Beyond and download The 2018 Duo Trusted Access Report.

The latest federal agency cybersecurity risk assessment report reveals that 74 percent of agencies are at risk or high risk. Released in May of this year by the Office of Management and Budget (OMB) and the Department of Homeland Security (DHS), the report uses the following schema to categorize and define risk:

High Risk: Key, fundamental cybersecurity policies, processes, and tools are either not in place or not deployed sufficiently.

At Risk: Some essential policies, processes, and tools are in place to mitigate overall cybersecurity risk, but significant gaps remain.

The OMB, DHS and NSA (National Security Agency) found that federal agencies weren't able to identify the attack vector in 38 percent of security incidents.

In efforts to improve situational awareness across agencies, the Office of the Director of National Intelligence has created a Cyber Threat Framework to help standardize how agencies communicate about cyber threats.

This common language categorizes different stages of the threat lifecycle - including:

Preparation - Reconnaissance or collecting information to help inform an attack

According to the report, the framework aligns with the NIST framework functions and other NIST Special Publications. The Cybersecurity Threat Framework closely maps to the same steps in NIST SP 800-37, Risk Management Framework to Federal Information Systems.

MFA Progress, But Access Management Needs Work

Other findings from the risk assessment include the significant progress in enforcing the use of multi-factor authentication through the use of Personal Identity Verification (PIV) cards. Agencies have now enforced the use of this control among 93 percent of their privileged users, which the report defines as having access to sensitive agency and citizen data.

But when it comes to access management, agencies have not matured. The risk assessments found that identity, credential and access management (ICAM) processes need to improve by establishing attribute or role-based access controls for users.

A decentralized and fragmented IT landscape has led to ICAM problems, including too many different solutions and user directories that prevent agencies from getting a comprehensive view of their users and their access to government networks and sensitive government information.

Only 55 percent of agencies limit access based on user attributes and roles, while another 57 percent review and track administrative privileges.

Other notable findings from the report include:

27% of agencies have the ability to detect and investigate attempts to access large volumes of data

30% of agencies have predictable, enterprise-wide incident response processes in place

16% of agencies achieved the government-wide target for encrypting data at rest

Comprehensive Access Visibility & Control

One way to get that enterprise-wide view of who is on agency networks is by using a comprehensive access security solution that easily integrates into your existing directories and access management technology.